Daily security advisory and CVE watch for your stack

Every morning, scan the web for new vulnerabilities and breaking changes affecting your packages, file high severity issues in Linear, and post a digest to Slack.

Agentic Task

Tags: Tavily, Linear, Slack Bot, Engineering, Notifications & Alerts, Research & Monitoring, Daily Digests

Build me an agent workflow that runs every day at 9am and watches the web for new security advisories, CVEs, breaking changes, and major release notes affecting the packages and frameworks my team depends on.

Configurable inputs at the top of the workflow:

- A list of tracked packages / frameworks (e.g. react, django, postgres, openssl). Start with a sensible default list but make it easy to edit.
- The Linear team and project where security tickets should be filed.
- The Slack channel that should receive the daily digest.
- A severity threshold for filing tickets (default: high and critical).

For each tracked package, use Tavily Search to find items published in the last 24 hours. Run a few focused queries per package and bias to recent results with a 1 day time range. Useful query shapes:

- "<package> CVE OR vulnerability OR security advisory"
- "<package> breaking change OR major release notes"
- Optionally include site filters like site:nvd.nist.gov, site:github.com/advisories, or the project's official changelog.

For every finding, have the agent grade it on:

- Severity (critical, high, medium, low), using CVSS where available and qualitative judgment otherwise.
- Relevance to the user's stack (does this actually affect the package and version range we use, or is it a different ecosystem with a package of the same name?).

For anything that meets the severity threshold AND is relevant, call Linear Create Issue in the configured team/project. The issue body should include: a clear title (CVE id or advisory id plus package name), a short summary of the vulnerability and how it could affect us, the CVE identifier, severity, source link, publish date, and a suggested next action (upgrade to version X, apply patch, monitor, etc).

Before filing, dedupe against Linear: use List Issues or Search Issues to look at issues in the configured project created in the past seven days. Match on CVE id in the title or description, and also fuzzy-match on package + advisory title. If a matching issue already exists, do NOT file a new one, and mark the finding as a duplicate in the digest instead.

After processing every package, ALWAYS call Slack Send a Message (via the Slack Bot integration) to post a single digest into the configured engineering channel, even on quiet days when nothing was found. The digest should include:

- Which packages were scanned.
- Total findings and a count by severity.
- A short bullet for each high / critical finding with the source link.
- A list of new Linear issues filed (with links).
- A list of suppressed duplicates with links to the existing Linear issues.

Format the Slack digest using Slack mrkdwn (e.g. *bold*, <url|text>) so links and section headers render cleanly. Keep it scannable — one section per severity bucket, then a 'New tickets' section, then a 'Duplicates skipped' section.
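The severity threshold check and the seven-day dedupe against Linear described above, as an added example that is not part of this template or of Geni, Linear or Tavily. It assumes the Linear issues have already been fetched into plain dicts (the field names `id`, `title`, `description`, `created_at` are assumptions, not Linear's API schema) and uses placeholder CVE ids in constructed sample data.

```python
import re
from datetime import datetime, timedelta, timezone
from difflib import SequenceMatcher

CVE_RE = re.compile(r"CVE-\d{4}-\d{4,}", re.IGNORECASE)
SEVERITY_RANK = {"low": 0, "medium": 1, "high": 2, "critical": 3}

def meets_threshold(severity, threshold="high"):
    """True when a graded severity is at or above the configured filing threshold."""
    return SEVERITY_RANK[severity.lower()] >= SEVERITY_RANK[threshold.lower()]

def _tokens(text):
    """Lowercase, drop punctuation, split into words ('QuerySet.values()' -> 'queryset values')."""
    return re.sub(r"[^a-z0-9 ]+", " ", text.lower()).split()

def find_duplicate(finding, issues, now, window_days=7, fuzzy_cutoff=0.8):
    """Return the recent Linear issue that already covers `finding`, or None.

    finding: {"package", "cve_id" (or None), "title"}; issues: dicts with "id",
    "title", "description", "created_at" (tz-aware). Field names are assumptions.
    """
    cutoff = now - timedelta(days=window_days)
    recent = [i for i in issues if i["created_at"] >= cutoff]
    # Pass 1: exact CVE id anywhere in title or description (case-insensitive).
    if finding.get("cve_id"):
        want = finding["cve_id"].upper()
        for issue in recent:
            found = CVE_RE.findall(issue["title"] + " " + issue["description"])
            if want in {m.upper() for m in found}:
                return issue
    # Pass 2: fuzzy match on package + advisory title. The package name must appear
    # in the issue title, so a same-named package from another ecosystem does not match.
    pkg = finding["package"].lower()
    target = " ".join(_tokens(finding["title"]))
    for issue in recent:
        if pkg not in _tokens(issue["title"]):
            continue
        if SequenceMatcher(None, target, " ".join(_tokens(issue["title"]))).ratio() >= fuzzy_cutoff:
            return issue
    return None

# Constructed sample data: placeholder CVE ids and issue ids, not real advisories.
NOW = datetime(2024, 6, 1, 9, 0, tzinfo=timezone.utc)
SAMPLE_ISSUES = [
    {"id": "SEC-12", "title": "CVE-0000-1111: openssl buffer over-read", "description": "",
     "created_at": NOW - timedelta(days=2)},
    {"id": "SEC-9", "title": "django: SQL injection in QuerySet.values()", "description": "see advisory link",
     "created_at": NOW - timedelta(days=3)},
    {"id": "SEC-3", "title": "CVE-0000-2222: react XSS", "description": "",
     "created_at": NOW - timedelta(days=20)},  # older than the 7-day window, so never a duplicate
]
```

A finding that passes `meets_threshold` and gets `None` back from `find_duplicate` is the one to file; a non-None result goes into the digest's "Duplicates skipped" section with the existing issue's link.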

Additional information

What does this prompt do?
  • Scans the web every morning for new security advisories, CVEs, and breaking changes that affect the packages and frameworks your team uses.
  • Grades each finding by severity and by how relevant it is to your stack, so the team only gets pinged about things that actually matter.
  • Files a Linear ticket for every high or critical item, with a clear summary, the CVE identifier, source link, and a suggested next action.
  • Posts a single Slack digest to your engineering channel so the team sees the full picture at a glance, including duplicates that were skipped.
What do I need to use this?
  • A Tavily account for web search.
  • A Linear workspace with a team or project where security issues should be filed.
  • A Slack workspace and a channel for engineering alerts.
  • A list of the packages, frameworks, and libraries your team depends on (for example React, Django, Postgres, OpenSSL).
How can I customize it?
  • Edit the list of packages and frameworks the agent watches and add new ones as your stack changes.
  • Choose which Linear team and project the tickets get filed into, and what state they start in (Backlog, Triage, etc).
  • Pick the Slack channel the morning digest goes to, and shift the schedule to match your team's working hours.
  • Tune the severity threshold so you can file tickets for critical only, or also include high and medium findings.

Frequently asked questions

How does the agent know which packages I care about?
You give it a watch list at the top of the workflow. Add or remove packages whenever your stack changes and the next run will pick them up.
Will the same CVE get filed twice?
No. Before filing, the agent checks Linear for issues created in the last seven days that match the same advisory, and notes those as duplicates in the Slack digest instead of opening a new ticket.
What happens on a quiet day with no new advisories?
You still get a short Slack digest confirming the scan ran and found nothing new, so there are no silent failures and you always know it is working.
Can I run this on a different schedule?
Yes. Change the schedule to weekdays only, twice a day, or any other cadence that fits your team.
Does it cover breaking changes too, or just security issues?
Both. The agent also looks for major release notes and breaking changes so your team is not caught off guard by upstream updates.

Stop missing the CVE that drops at 3am.

Connect Tavily, Linear, and Slack once. Geni scans your dependencies every morning and files the urgent stuff for you.